1 files changed, 248 insertions, 0 deletions
diff --git a/packages/tests/src/plugins/id-and-pass-auth.ts b/packages/tests/src/plugins/id-and-pass-auth.ts
new file mode 100644
index 000000000..a332f0eec
--- /dev/null
+++ b/packages/tests/src/plugins/id-and-pass-auth.ts
@@ -0,0 +1,248 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+import { expect } from 'chai'
+import { wait } from '@peertube/peertube-core-utils'
+import { HttpStatusCode, UserRole } from '@peertube/peertube-models'
+import {
+  cleanupTests,
+  createSingleServer,
+  PeerTubeServer,
+  PluginsCommand,
+  setAccessTokensToServers
+} from '@peertube/peertube-server-commands'
+describe('Test id and pass auth plugins', function () {
+  let server: PeerTubeServer
+  let crashAccessToken: string
+  let crashRefreshToken: string
+  let lagunaAccessToken: string
+  let lagunaRefreshToken: string
+  let lagunaId: number
+  before(async function () {
+    this.timeout(30000)
+    server = await createSingleServer(1)
+    await setAccessTokensToServers([ server ])
+    for (const suffix of [ 'one', 'two', 'three' ]) {
+      await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
+    }
+  })
+  it('Should display the correct configuration', async function () {
+    const config = await server.config.getConfig()
+    const auths = config.plugin.registeredIdAndPassAuths
+    expect(auths).to.have.lengthOf(8)
+    const crashAuth = auths.find(a => a.authName === 'crash-auth')
+    expect(crashAuth).to.exist
+    expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
+    expect(crashAuth.weight).to.equal(50)
+  })
+  it('Should not login', async function () {
+    await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+  })
+  it('Should login Spyro, create the user and use the token', async function () {
+    const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' })
+    const body = await server.users.getMyInfo({ token: accessToken })
+    expect(body.username).to.equal('spyro')
+    expect(body.account.displayName).to.equal('Spyro the Dragon')
+    expect(body.role.id).to.equal(UserRole.USER)
+  })
+  it('Should login Crash, create the user and use the token', async function () {
+    {
+      const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } })
+      crashAccessToken = body.access_token
+      crashRefreshToken = body.refresh_token
+    }
+    {
+      const body = await server.users.getMyInfo({ token: crashAccessToken })
+      expect(body.username).to.equal('crash')
+      expect(body.account.displayName).to.equal('Crash Bandicoot')
+      expect(body.role.id).to.equal(UserRole.MODERATOR)
+    }
+  })
+  it('Should login the first Laguna, create the user and use the token', async function () {
+    {
+      const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
+      lagunaAccessToken = body.access_token
+      lagunaRefreshToken = body.refresh_token
+    }
+    {
+      const body = await server.users.getMyInfo({ token: lagunaAccessToken })
+      expect(body.username).to.equal('laguna')
+      expect(body.account.displayName).to.equal('Laguna Loire')
+      expect(body.role.id).to.equal(UserRole.USER)
+      lagunaId = body.id
+    }
+  })
+  it('Should refresh crash token, but not laguna token', async function () {
+    {
+      const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken })
+      crashAccessToken = resRefresh.body.access_token
+      crashRefreshToken = resRefresh.body.refresh_token
+      const body = await server.users.getMyInfo({ token: crashAccessToken })
+      expect(body.username).to.equal('crash')
+    }
+    {
+      await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+    }
+  })
+  it('Should update Crash profile', async function () {
+    await server.users.updateMe({
+      token: crashAccessToken,
+      displayName: 'Beautiful Crash',
+      description: 'Mutant eastern barred bandicoot'
+    })
+    const body = await server.users.getMyInfo({ token: crashAccessToken })
+    expect(body.account.displayName).to.equal('Beautiful Crash')
+    expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
+  })
+  it('Should logout Crash', async function () {
+    await server.login.logout({ token: crashAccessToken })
+  })
+  it('Should have logged out Crash', async function () {
+    await server.servers.waitUntilLog('On logout for auth 1 - 2')
+    await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+  })
+  it('Should login Crash and keep the old existing profile', async function () {
+    crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' })
+    const body = await server.users.getMyInfo({ token: crashAccessToken })
+    expect(body.username).to.equal('crash')
+    expect(body.account.displayName).to.equal('Beautiful Crash')
+    expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
+    expect(body.role.id).to.equal(UserRole.MODERATOR)
+  })
+  it('Should login Laguna and update the profile', async function () {
+    {
+      await server.users.update({ userId: lagunaId, videoQuota: 43000, videoQuotaDaily: 43100 })
+      await server.users.updateMe({ token: lagunaAccessToken, displayName: 'laguna updated' })
+      const body = await server.users.getMyInfo({ token: lagunaAccessToken })
+      expect(body.username).to.equal('laguna')
+      expect(body.account.displayName).to.equal('laguna updated')
+      expect(body.videoQuota).to.equal(43000)
+      expect(body.videoQuotaDaily).to.equal(43100)
+    }
+    {
+      const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
+      lagunaAccessToken = body.access_token
+      lagunaRefreshToken = body.refresh_token
+    }
+    {
+      const body = await server.users.getMyInfo({ token: lagunaAccessToken })
+      expect(body.username).to.equal('laguna')
+      expect(body.account.displayName).to.equal('Laguna Loire')
+      expect(body.videoQuota).to.equal(42000)
+      expect(body.videoQuotaDaily).to.equal(43100)
+    }
+  })
+  it('Should reject token of laguna by the plugin hook', async function () {
+    await wait(5000)
+    await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+  })
+  it('Should reject an invalid username, email, role or display name', async function () {
+    const command = server.login
+    await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+    await server.servers.waitUntilLog('valid username')
+    await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+    await server.servers.waitUntilLog('valid displayName')
+    await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+    await server.servers.waitUntilLog('valid role')
+    await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+    await server.servers.waitUntilLog('valid email')
+  })
+  it('Should unregister spyro-auth and do not login existing Spyro', async function () {
+    await server.plugins.updateSettings({
+      npmName: 'peertube-plugin-test-id-pass-auth-one',
+      settings: { disableSpyro: true }
+    })
+    const command = server.login
+    await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+    await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+  })
+  it('Should have disabled this auth', async function () {
+    const config = await server.config.getConfig()
+    const auths = config.plugin.registeredIdAndPassAuths
+    expect(auths).to.have.lengthOf(7)
+    const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
+    expect(spyroAuth).to.not.exist
+  })
+  it('Should uninstall the plugin one and do not login existing Crash', async function () {
+    await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
+    await server.login.login({
+      user: { username: 'crash', password: 'crash password' },
+      expectedStatus: HttpStatusCode.BAD_REQUEST_400
+    })
+  })
+  it('Should display the correct configuration', async function () {
+    const config = await server.config.getConfig()
+    const auths = config.plugin.registeredIdAndPassAuths
+    expect(auths).to.have.lengthOf(6)
+    const crashAuth = auths.find(a => a.authName === 'crash-auth')
+    expect(crashAuth).to.not.exist
+  })
+  it('Should display plugin auth information in users list', async function () {
+    const { data } = await server.users.list()
+    const root = data.find(u => u.username === 'root')
+    const crash = data.find(u => u.username === 'crash')
+    const laguna = data.find(u => u.username === 'laguna')
+    expect(root.pluginAuth).to.be.null
+    expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
+    expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
+  })
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})

diff --git a/packages/tests/src/plugins/id-and-pass-auth.ts b/packages/tests/src/plugins/id-and-pass-auth.ts new file mode 100644 index 000000000..a332f0eec --- /dev/null +++ b/packages/tests/src/plugins/id-and-pass-auth.ts
@@ -0,0 +1,248 @@
	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import { expect } from 'chai'
	4	import { wait } from '@peertube/peertube-core-utils'
	5	import { HttpStatusCode, UserRole } from '@peertube/peertube-models'
	6	import {
	7	cleanupTests,
	8	createSingleServer,
	9	PeerTubeServer,
	10	PluginsCommand,
	11	setAccessTokensToServers
	12	} from '@peertube/peertube-server-commands'
	13
	14	describe('Test id and pass auth plugins', function () {
	15	let server: PeerTubeServer
	16
	17	let crashAccessToken: string
	18	let crashRefreshToken: string
	19
	20	let lagunaAccessToken: string
	21	let lagunaRefreshToken: string
	22	let lagunaId: number
	23
	24	before(async function () {
	25	this.timeout(30000)
	26
	27	server = await createSingleServer(1)
	28	await setAccessTokensToServers([ server ])
	29
	30	for (const suffix of [ 'one', 'two', 'three' ]) {
	31	await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-id-pass-auth-' + suffix) })
	32	}
	33	})
	34
	35	it('Should display the correct configuration', async function () {
	36	const config = await server.config.getConfig()
	37
	38	const auths = config.plugin.registeredIdAndPassAuths
	39	expect(auths).to.have.lengthOf(8)
	40
	41	const crashAuth = auths.find(a => a.authName === 'crash-auth')
	42	expect(crashAuth).to.exist
	43	expect(crashAuth.npmName).to.equal('peertube-plugin-test-id-pass-auth-one')
	44	expect(crashAuth.weight).to.equal(50)
	45	})
	46
	47	it('Should not login', async function () {
	48	await server.login.login({ user: { username: 'toto', password: 'password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	49	})
	50
	51	it('Should login Spyro, create the user and use the token', async function () {
	52	const accessToken = await server.login.getAccessToken({ username: 'spyro', password: 'spyro password' })
	53
	54	const body = await server.users.getMyInfo({ token: accessToken })
	55
	56	expect(body.username).to.equal('spyro')
	57	expect(body.account.displayName).to.equal('Spyro the Dragon')
	58	expect(body.role.id).to.equal(UserRole.USER)
	59	})
	60
	61	it('Should login Crash, create the user and use the token', async function () {
	62	{
	63	const body = await server.login.login({ user: { username: 'crash', password: 'crash password' } })
	64	crashAccessToken = body.access_token
	65	crashRefreshToken = body.refresh_token
	66	}
	67
	68	{
	69	const body = await server.users.getMyInfo({ token: crashAccessToken })
	70
	71	expect(body.username).to.equal('crash')
	72	expect(body.account.displayName).to.equal('Crash Bandicoot')
	73	expect(body.role.id).to.equal(UserRole.MODERATOR)
	74	}
	75	})
	76
	77	it('Should login the first Laguna, create the user and use the token', async function () {
	78	{
	79	const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
	80	lagunaAccessToken = body.access_token
	81	lagunaRefreshToken = body.refresh_token
	82	}
	83
	84	{
	85	const body = await server.users.getMyInfo({ token: lagunaAccessToken })
	86
	87	expect(body.username).to.equal('laguna')
	88	expect(body.account.displayName).to.equal('Laguna Loire')
	89	expect(body.role.id).to.equal(UserRole.USER)
	90
	91	lagunaId = body.id
	92	}
	93	})
	94
	95	it('Should refresh crash token, but not laguna token', async function () {
	96	{
	97	const resRefresh = await server.login.refreshToken({ refreshToken: crashRefreshToken })
	98	crashAccessToken = resRefresh.body.access_token
	99	crashRefreshToken = resRefresh.body.refresh_token
	100
	101	const body = await server.users.getMyInfo({ token: crashAccessToken })
	102	expect(body.username).to.equal('crash')
	103	}
	104
	105	{
	106	await server.login.refreshToken({ refreshToken: lagunaRefreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	107	}
	108	})
	109
	110	it('Should update Crash profile', async function () {
	111	await server.users.updateMe({
	112	token: crashAccessToken,
	113	displayName: 'Beautiful Crash',
	114	description: 'Mutant eastern barred bandicoot'
	115	})
	116
	117	const body = await server.users.getMyInfo({ token: crashAccessToken })
	118
	119	expect(body.account.displayName).to.equal('Beautiful Crash')
	120	expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
	121	})
	122
	123	it('Should logout Crash', async function () {
	124	await server.login.logout({ token: crashAccessToken })
	125	})
	126
	127	it('Should have logged out Crash', async function () {
	128	await server.servers.waitUntilLog('On logout for auth 1 - 2')
	129
	130	await server.users.getMyInfo({ token: crashAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
	131	})
	132
	133	it('Should login Crash and keep the old existing profile', async function () {
	134	crashAccessToken = await server.login.getAccessToken({ username: 'crash', password: 'crash password' })
	135
	136	const body = await server.users.getMyInfo({ token: crashAccessToken })
	137
	138	expect(body.username).to.equal('crash')
	139	expect(body.account.displayName).to.equal('Beautiful Crash')
	140	expect(body.account.description).to.equal('Mutant eastern barred bandicoot')
	141	expect(body.role.id).to.equal(UserRole.MODERATOR)
	142	})
	143
	144	it('Should login Laguna and update the profile', async function () {
	145	{
	146	await server.users.update({ userId: lagunaId, videoQuota: 43000, videoQuotaDaily: 43100 })
	147	await server.users.updateMe({ token: lagunaAccessToken, displayName: 'laguna updated' })
	148
	149	const body = await server.users.getMyInfo({ token: lagunaAccessToken })
	150	expect(body.username).to.equal('laguna')
	151	expect(body.account.displayName).to.equal('laguna updated')
	152	expect(body.videoQuota).to.equal(43000)
	153	expect(body.videoQuotaDaily).to.equal(43100)
	154	}
	155
	156	{
	157	const body = await server.login.login({ user: { username: 'laguna', password: 'laguna password' } })
	158	lagunaAccessToken = body.access_token
	159	lagunaRefreshToken = body.refresh_token
	160	}
	161
	162	{
	163	const body = await server.users.getMyInfo({ token: lagunaAccessToken })
	164	expect(body.username).to.equal('laguna')
	165	expect(body.account.displayName).to.equal('Laguna Loire')
	166	expect(body.videoQuota).to.equal(42000)
	167	expect(body.videoQuotaDaily).to.equal(43100)
	168	}
	169	})
	170
	171	it('Should reject token of laguna by the plugin hook', async function () {
	172	await wait(5000)
	173
	174	await server.users.getMyInfo({ token: lagunaAccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
	175	})
	176
	177	it('Should reject an invalid username, email, role or display name', async function () {
	178	const command = server.login
	179
	180	await command.login({ user: { username: 'ward', password: 'ward password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	181	await server.servers.waitUntilLog('valid username')
	182
	183	await command.login({ user: { username: 'kiros', password: 'kiros password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	184	await server.servers.waitUntilLog('valid displayName')
	185
	186	await command.login({ user: { username: 'raine', password: 'raine password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	187	await server.servers.waitUntilLog('valid role')
	188
	189	await command.login({ user: { username: 'ellone', password: 'elonne password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	190	await server.servers.waitUntilLog('valid email')
	191	})
	192
	193	it('Should unregister spyro-auth and do not login existing Spyro', async function () {
	194	await server.plugins.updateSettings({
	195	npmName: 'peertube-plugin-test-id-pass-auth-one',
	196	settings: { disableSpyro: true }
	197	})
	198
	199	const command = server.login
	200	await command.login({ user: { username: 'spyro', password: 'spyro password' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	201	await command.login({ user: { username: 'spyro', password: 'fake' }, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
	202	})
	203
	204	it('Should have disabled this auth', async function () {
	205	const config = await server.config.getConfig()
	206
	207	const auths = config.plugin.registeredIdAndPassAuths
	208	expect(auths).to.have.lengthOf(7)
	209
	210	const spyroAuth = auths.find(a => a.authName === 'spyro-auth')
	211	expect(spyroAuth).to.not.exist
	212	})
	213
	214	it('Should uninstall the plugin one and do not login existing Crash', async function () {
	215	await server.plugins.uninstall({ npmName: 'peertube-plugin-test-id-pass-auth-one' })
	216
	217	await server.login.login({
	218	user: { username: 'crash', password: 'crash password' },
	219	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	220	})
	221	})
	222
	223	it('Should display the correct configuration', async function () {
	224	const config = await server.config.getConfig()
	225
	226	const auths = config.plugin.registeredIdAndPassAuths
	227	expect(auths).to.have.lengthOf(6)
	228
	229	const crashAuth = auths.find(a => a.authName === 'crash-auth')
	230	expect(crashAuth).to.not.exist
	231	})
	232
	233	it('Should display plugin auth information in users list', async function () {
	234	const { data } = await server.users.list()
	235
	236	const root = data.find(u => u.username === 'root')
	237	const crash = data.find(u => u.username === 'crash')
	238	const laguna = data.find(u => u.username === 'laguna')
	239
	240	expect(root.pluginAuth).to.be.null
	241	expect(crash.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-one')
	242	expect(laguna.pluginAuth).to.equal('peertube-plugin-test-id-pass-auth-two')
	243	})
	244
	245	after(async function () {
	246	await cleanupTests([ server ])
	247	})
	248	})